#include "Network.h"
#include "UidRanges.h"
+// A VirtualNetwork may be "secure" or not.
+//
+// A secure VPN is the usual type of VPN that grabs the default route (and thus all user traffic).
+// Only a few privileged UIDs may skip the VPN and go directly to the underlying physical network.
+//
+// A non-secure VPN ("bypassable" VPN) also grabs all user traffic by default. But all apps are
+// permitted to skip it and pick any other network for their connections.
class VirtualNetwork : public Network {
public:
- explicit VirtualNetwork(unsigned netId);
+ VirtualNetwork(unsigned netId, bool hasDns, bool secure);
virtual ~VirtualNetwork();
+ bool getHasDns() const;
+ bool isSecure() const;
+ bool appliesToUser(uid_t uid) const;
+
int addUsers(const UidRanges& uidRanges) WARN_UNUSED_RESULT;
int removeUsers(const UidRanges& uidRanges) WARN_UNUSED_RESULT;
- Type getType() const override;
-
private:
+ Type getType() const override;
int addInterface(const std::string& interface) override WARN_UNUSED_RESULT;
int removeInterface(const std::string& interface) override WARN_UNUSED_RESULT;
+ const bool mHasDns;
+ const bool mSecure;
UidRanges mUidRanges;
};
OSDN Git Service
